Can the new Token Protection policy in Conditional Access be used for Azure Virtual Desktops?

Everett Crane 0 Reputation points
2023-08-28T11:40:40.85+00:00

From my understanding of this policy, the token is securely bound to the hardware to secure the account. That secured token checks the hardware before allowing access to Azure resources. Based on that understanding, using an Azure Virtual Desktop created from an Image Server would break that trust with each newly spawned host.

Is there a way to configure the Token Protection policy to work with AVDs?

Azure Virtual Desktop
A Microsoft desktop and app virtualization service that runs on Azure. Previously known as Windows Virtual Desktop.

1 answer

  1. vipullag-MSFT 21,186 Reputation points Microsoft Employee
    2023-09-05T16:12:11.9833333+00:00

    Hello Everett Crane

    Firstly, apologies for the delay in responding here. I checked with the internal team on this ask.

    This is not officially supported. It would not work in pooled scenarios, as the user is not registering the session host as his device.

    Please raise a feature request here so that the product team can check on this: https://techcommunity.microsoft.com/t5/azure-virtual-desktop/bd-p/AzureVirtualDesktopForum

    Hope this helps.
